Hacker 'Weev' sentenced to 41 months in jail for iPad hack

'Weev,' whose real name is Andrew Auernheimer, was charged with breaking into AT&T servers and distributing a list of e-mail addresses belonging to iPad users.

Reuters

Andrew Auernheimer is seen in this police booking photograph taken by the Fayetteville, Arkansas, Police Department on June 15, 2010. Auernheimer was sentenced on March 18 to three years and five months in prison for stealing the personal data of about 114,000 Apple Inc iPad users. The booking photo is from an unrelated arrest in Fayetteville.

Loading...

March 19, 2013

By Matthew Shaer

The 27-year-old hacker known as Weev has been sentenced to 41 months in jail for distributing more than 100,000 e-mail addresses stolen from AT&T servers.

In 2010, Weev, whose real name is Andrew Auernheimer, exploited a loophole in the AT&T security infrastructure, and eventually obtained a list of 114,000 e-mail addresses belonging to iPad 3G users. He later turned those addresses over to a reporter at Gawker, prompting an FBI investigation. As The Week magazine notes, Mr. Auernheimer and his partner, Daniel Spitler, claimed that they were trying to draw attention to a dangerous security "flaw."

But in November of last year, Auernheimer was found guilty of identity fraud and conspiracy to access a computer without authorization. According to Reuters, the 41-month sentence fell at the upper end of the spectrum sought by prosecutors.

"When it became clear that he was in trouble, he concocted the fiction that he was trying to make the Internet more secure, and that all he did was walk in through an unlocked door," US Attorney Paul Fishman said in a statement after the sentencing. "The jury didn't buy it, and neither did the court in imposing sentence."

Auernheimer has vowed to appeal. In the meantime, plenty of activists have rallied to his cause.

In an opinion piece published today on Digital Trends, Andrew Couts, a staff writer for the site, highlights the link between Auernheimer and Aaron Swartz, the computer programmer who took his own life in January. Both Auernheimer and Mr. Swartz were charged under the terms of the Computer Fraud and Abuse Act, which Mr. Couts calls "absurdly vague and outdated" and professor and journalist Tim Wu has called "the worst law in technology."

Get the Monitor Stories you care about delivered to your inbox.

By signing up, you agree to our Privacy Policy and European users agree to the data transfer policy.

Under the CFAA and the Computer Intelligence Sharing and Protection Act, or CISPA, many Internet users "feel afraid to use the amazing tools at our disposal," Couts writes. He continues:

It is a blow against the belief that the Internet and all its capabilities provide any of us with any real power that we lacked before we jumped online. Instead, it has given those who wish to maintain the status quo more power to do so – by tracking our activities, reading our emails, locking our phones, and collecting our tweets. The very thing that was supposed to set us free has only snapped on more shackles. And right now, I can’t for the life of me see how we can shake them. Please, tell me I’m wrong.